<?php
if( !class_exists('px_model') ){
	class px_model{
		var $version = "2.2";
		var $appName = "PhotoXhibit";
		var $appUrl = "http://benjaminsterling.com/photoxhibit/";

		var $flickrapi = "99c12772538849fb2890645771d923f9";
		var $flickrsecret = "8a57859bc7b2cb30";
		var $smugmugapi = "8vjhYpC7wz53UTdspu33yRaYXEPgrU5D";

		var $options;
		var $vars;
		var $cur_gallery_info = NULL;
		var $cur_gallery_id;
		var $cur_image_group;

		function px_model(){
			$this->set_vars();
		}
		
		function getOptions(){
			return get_option('photoxhibit');
		}
		
		function set_vars(){
			global $wpdb;
			$var = array(
				// database tables
				'albums' => $wpdb->prefix . "px_albums",
				'albums_version' => "1.2",
				
				'albumPhotos' => $wpdb->prefix . "px_albumPhotos",
				'albumPhotos_version' => "1.2",

				'galleries' => $wpdb->prefix . "px_galleries",
				'galleries_version' => "1.3",

				'photos' => $wpdb->prefix . "px_photos",
				'photos_version' => "1.2",
				
				'plugins' => $wpdb->prefix . "px_plugins",
				'plugins_version' => "1.2"
			);
			$this->vars = $var;
			unset($var);
		}

		/**
		 *	The SQL statement for albums
		 */
		function get_albumsCreateSql( $charset_collate ){
			return "CREATE TABLE " . $this->vars['albums'] . " (
				album_id bigint(20) NOT NULL auto_increment,
				album_name varchar(255) NOT NULL,
				album_sortorder int(2) NOT NULL default '99',
				PRIMARY KEY  (album_id)
			) $charset_collate ;";
		}  //  end : get_ablumCreateSql()


		/**
		 *	The SQL statement for Galleries
		 */
		function get_galleriesCreateSql( $charset_collate ){
			return "CREATE TABLE " . $this->vars['galleries'] . " (
				gallery_id mediumint(9) NOT NULL auto_increment,
				gallery_title varchar(100) NOT NULL,
				plugin_id varchar(100) default '0',
				gallery_params varchar(255) default NULL,
				gallery_framework varchar(100) default 'jQuery',
				gallery_css text,
				gallery_uselarge char(1) NOT NULL default '0',
				gallery_structure int(1) NOT NULL default '0',
				gallery_extra varchar(100)  default NULL,
				PRIMARY KEY  (gallery_id)
			) $charset_collate ;";
		}  //  end : get_ablumCreateSql()


		/**
		 *	The SQL statement for Plugins
		 */
		function get_pluginsCreateSql( $charset_collate ){
			return "CREATE TABLE " . $this->vars['plugins'] . " (
				plugin_id mediumint(9) NOT NULL auto_increment,
				plugin_title varchar(100) NOT NULL,
				plugin_js varchar(100) NOT NULL,
				plugin_css text,
				plugin_example varchar(255) default NULL,
				plugin_params text,
				plugin_framework varchar(100) default 'jQuery',
				PRIMARY KEY  (plugin_id)
			) $charset_collate ;";
		}  //  end : get_galleryCreateSql()


		/**
		 *	The SQL statement for Photo
		 */
		function get_photoCreateSql( $charset_collate ){
			return "CREATE TABLE " . $this->vars['photos'] . " (
				photo_id mediumint(9) NOT NULL auto_increment,
				photo_alt varchar(255) default NULL,
				photo_url varchar(255) NOT NULL,
				photo_tnurl varchar(255) NOT NULL,
				photo_order int(3) NOT NULL default '99',
				gallery_id int(3) NOT NULL,
				albumPhotos_id int(10) NULL default 0,
				PRIMARY KEY  (photo_id)
			) $charset_collate ;";
		}  //  end : get_photoCreateSql()


		/**
		 *	The SQL statement for albumPhotos
		 */
		function get_albumPhotosCreateSql( $charset_collate ){
			return "CREATE TABLE " . $this->vars['albumPhotos'] . " (
				albumPhotos_id int(10) NOT NULL auto_increment,
				album_id int(10) default '0',
				post_id int(10) default '0',
				albumPhotos_file varchar(255) NOT NULL,
				albumPhotos_ext varchar(4) NOT NULL default 'jpg',
				albumPhotos_desc text,
				albumPhotos_alt mediumtext,
				albumPhotos_tags varchar(255) default NULL,
				albumPhotos_isactive char(1) default '1',
				PRIMARY KEY  (albumPhotos_id),
				KEY album_id (album_id,post_id)
			) $charset_collate ;";
		}  //  end : get_albumPhotosCreateSql()
	
		function install(){
	
			global $wpdb , $wp_roles, $wp_version;
			
			// Check for capability
			/*if ( !current_user_can('activate_plugins') ) {
				return false;
			}*/

			require_once(ABSPATH . 'wp-admin/upgrade-functions.php');
	
			// add charset & collate like wp core
			$charset_collate = '';
		
			if ( version_compare(mysql_get_server_info(), '4.1.0', '>=') ) {
				if ( ! empty($wpdb->charset) )
					$charset_collate = "DEFAULT CHARACTER SET $wpdb->charset";
				if ( ! empty($wpdb->collate) )
					$charset_collate .= " COLLATE $wpdb->collate";
			}
			
			add_option('photoxhibit', NULL, 'Options for the PhotoXhibit plugin', 'no');
			$options = get_option('photoxhibit');
			
	
			$album = $this->vars['albums'];
			if($wpdb->get_var("show tables like '$album'") != $album) {
				dbDelta($this->get_albumsCreateSql( $charset_collate ));
				$options['album_version'] = $this->vars['albums_version'];
			}
			else{
				if($options['album_version'] != $this->vars['albums_version']){
					dbDelta($this->get_albumsCreateSql( $charset_collate ));
					$options['album_version'] = $this->vars['albums_version'];
				}
			}
	
			$plugins = $this->vars['plugins'];
	
			if($wpdb->get_var("show tables like '$plugins'") != $plugins) {
				dbDelta($this->get_pluginsCreateSql( $charset_collate ));
				$options['plugins_version'] = $this->vars['plugins_version'];
				include('pluginArray.php');
	
				$sql = "INSERT INTO " . $plugins . " (plugin_id, plugin_title, plugin_js, plugin_css, plugin_example, plugin_params, plugin_framework)  VALUES ";
				$sqlArray = array();
				for ($i = 0; $i < count($galleries); $i++) {
					array_push($sqlArray, "( ".($i+1).", '". $wpdb->escape($galleries[$i]['title']) ."', '".$wpdb->escape($galleries[$i]['js'])."', '".$wpdb->escape($galleries[$i]['css'])."', '".$wpdb->escape($galleries[$i]['example'])."', '".$wpdb->escape($galleries[$i]['params'])."', '".$wpdb->escape($galleries[$i]['framework'])."')");
				}
				$sql .= join(',',$sqlArray);

				$wpdb->query($sql);
			}
			else{
				if(	$options['plugins_version'] != $this->vars['plugins_version'] ){
					dbDelta($this->get_pluginsCreateSql( $charset_collate ));
					$options['plugins_version'] = $this->vars['plugins_version'];
				}
			}
		
			$galleries = $this->vars['galleries'];
			if($wpdb->get_var("show tables like '$galleries'") != $galleries) {
				dbDelta($this->get_galleriesCreateSql( $charset_collate ));
				$options['galleries_version'] = $this->vars['galleries_version'];
			}
			else{
				if( $options['galleries_version'] != $this->vars['galleries_version'] ){
					dbDelta($this->get_galleriesCreateSql( $charset_collate ));
					$options['galleries_version'] = $this->vars['galleries_version'];
				}
			}
		
			$photos = $this->vars['photos'];
			if($wpdb->get_var("show tables like '$photos'") != $photos) {
				dbDelta($this->get_photoCreateSql( $charset_collate ));
				$options['photos_version'] = $this->vars['photos_version'];
			}
			else{
				if( $options['photos_version'] != $this->vars['photos_version'] ){
					dbDelta($this->get_photoCreateSql( $charset_collate ));
					$options['photos_version'] = $this->vars['photos_version'];
				}
			}
		
			$aphotos = $this->vars['albumPhotos'];
			if($wpdb->get_var("show tables like '$aphotos'") != $aphotos) {
				dbDelta($this->get_albumPhotosCreateSql( $charset_collate ));
				$options['albumPhotos_version'] = $this->vars['albumPhotos_version'];
			}
			else{
				if( $options['albumPhotos_version'] != $this->vars['albumPhotos_version'] ){
					dbDelta($this->get_albumPhotosCreateSql( $charset_collate ));
					$options['albumPhotos_version'] = $this->vars['albumPhotos_version'];
				}
			}

			$options['use_picasa'] = 1;
			$options['use_flickr'] = 1;
			$options['use_smugmug'] = 1;
			$options['use_album'] = 1;
			$options['use_local'] = 1;
			$options['use_browse'] = 0;
			$options['options_thumbailSet'] = 0;
		
			$options["options_thumbailW"] = 100;
			$options["options_thumbailH"] = 100;
			$options["options_thumbailW2"] = 250;
			$options["options_thumbailH2"] = 250;
	
			$options['options_MaxWidth'] = 800;
			$options['options_MaxHeight'] = 600;
			
			$options['options_imageQuality'] = 80;
			$options['options_tnimageQuality'] = 90;
			
			$options['options_original'] = 0;
			$options['options_dropall'] = 0;
			
			
			$options["use_effectSlide"] = 0;

			
			$options['options_path'] = attribute_escape(str_replace(ABSPATH, '', get_option('upload_path')));
			$options['options_delete'] = 1;
			$options["use_manager"] = 0;
			
			$options["flash_version_multi_upload"] = 1;
			$options["none_ajax_styles"] = 1;
			
			update_option('photoxhibit', $options);
		}  //  end : install()

		function get_plugins($id=0){
			global $wpdb;
			$sql = "SELECT * FROM " . $this->vars['plugins'];
			if( $id != 0 ){
				$sql .= ' where plugin_id ='.$wpdb->escape($id);
			}
			return $wpdb->get_results($sql);
		}  //  end : get_galleries()
		
		
		function processGallery($post = null){
			global $wpdb, $px_controller, $px_view;
			$return = array();

			$imgs = $px_controller->encodeTo($post['images']);

			$objs = $px_controller->jsonDecode(stripslashes($imgs));

			if(!is_array($objs) && !is_a($objs[0], 'stdClass')){
				return '{"result":"error","errorType":"notObj**"}';
				exit();
			}
			
			$strTitle  = urldecode($post['gallery_title']);
			$strParams = urldecode( stripslashes($post['gallery_params']) );

			array_push($return,'"images":'.stripslashes($post['images']).'');
			array_push($return,'"params":'.$strParams.'');
			array_push($return,'"structure":"'.$post['gallery_structure'].'"');
			array_push($return,'"title":"'.$strTitle.'"');
			array_push($return,'"useLarge":'.$post['gallery_uselarge'].'');
			array_push($return,'"cols":"'.$post['gallery_extra'].'"');

			$sql = "SELECT * FROM ".$this->options['plugins']." WHERE plugin_id = ".$post['plugin_id'];
			$pluginResult = @$wpdb->get_row($sql);

			array_push($return,'"gallery":"'.$pluginResult->plugin_js.'"');

			if( isset($post['gallery_id']) && !empty($post['gallery_id']) ){
				$id = $post['gallery_id'];

				$sql = "UPDATE ".$this->vars['galleries'] . " SET 
						gallery_title = '". $wpdb->escape( $strTitle )."',
						plugin_id = '". $wpdb->escape($post['plugin_id'])."',
						gallery_params = '". $wpdb->escape( $strParams )."',
						gallery_framework = '". $wpdb->escape($pluginResult->plugin_framework)."',
						gallery_uselarge = '". $wpdb->escape($post['gallery_uselarge'])."',
						gallery_structure = ". $wpdb->escape($post['gallery_structure']).",
						gallery_extra = '". $wpdb->escape($post['gallery_extra'])."'
						WHERE gallery_id = ".$wpdb->escape($id)." LIMIT 1";
				$wpdb->query($sql);
				
				if( $post['plugin_id'] != $post['curplugin_id'] ){
				
					if( $pluginResult ){
						$pxpath = $this->options['pluginjs'].$pluginResult->plugin_js;
						$css = $pluginResult->plugin_css;
						$css = preg_replace(array('/#px/','/{PXPATH}/'), array('#px'.$id,$pxpath),$css);
					}
					else{
						$p = $px_view->galleryPluginUrl;
						$p .= $px_controller->vars['plugin_cache'][$post['plugin_id']]['Path'];
						$path = $p.'/'.$px_controller->vars['plugin_cache'][$post['plugin_id']]['Css'];
						
						$css = implode( '', file( $path ) );
						$css = preg_replace(array('/#px/','/{PXPATH}/'), array('#px'.$id,$p),$css);
					}
					

					$sql = "UPDATE ".$this->vars['galleries'] . " SET 
							gallery_css = '". $css ."'
							WHERE gallery_id = ".$wpdb->escape($id)." LIMIT 1";
					$wpdb->query($sql);
				}
			}
			else{

				$sql = "INSERT INTO ".$this->vars['galleries'] . "
						(gallery_title, plugin_id, gallery_params, gallery_css, 
						gallery_framework, gallery_uselarge, gallery_structure,gallery_extra) VALUES (
						'". $wpdb->escape( $strTitle )."',
						'". $wpdb->escape($post['plugin_id'])."',
						'". $wpdb->escape( $strParams )."',
						'". $wpdb->escape($pluginResult->plugin_css)."',
						'". $wpdb->escape($pluginResult->plugin_framework)."',
						'". $wpdb->escape($post['gallery_uselarge'])."',
						" . $wpdb->escape($post['gallery_structure']).",
						'". $wpdb->escape($post['gallery_extra'])."')";
				$wpdb->query($sql);
				
				$id = mysql_insert_id();
				
				if( $pluginResult ){
					$pxpath = $this->options['pluginjs'].$pluginResult->plugin_js;
					$css = $pluginResult->plugin_css;
					$css = preg_replace(array('/#px/','/{PXPATH}/'), array('#px'.$id,$pxpath),$css);
				}
				else{
					$p = $px_view->galleryPluginUrl;
					$p .= $px_controller->vars['plugin_cache'][$post['plugin_id']]['Path'];
					$path = $p.'/'.$px_controller->vars['plugin_cache'][$post['plugin_id']]['Css'];
					
					$css = implode( '', file( $path ) );
					$css = preg_replace(array('/#px/','/{PXPATH}/'), array('#px'.$id,$p),$css);
				}

				$sql = "UPDATE ".$this->vars['galleries'];
				$sql .= " SET gallery_css = '".$css ."'";
				$sql .= " WHERE gallery_id = " . $id;
				$wpdb->query($sql);//
			}
			
			$sql = "DELETE FROM ".$this->vars['photos']." WHERE gallery_id = ".$id ;
			$wpdb->query($sql);
	
			foreach($objs as $obj => $v){
				$sql = "INSERT INTO ".$this->vars['photos']." 
						(photo_alt, photo_url, photo_tnurl, photo_order,gallery_id, albumPhotos_id) 
						VALUES 
						('".$wpdb->escape($v->a)."','".$v->f."','".$v->t."','".$obj."',$id,".$v->i.")";
				$wpdb->query($sql);
			}
			
			header('Location: '.$this->wpSiteUrl.'/wp-admin/admin.php?page=px_build&pxgid='.$id);
			//return '{"result":"done","id":"'.$id.'",'.join(',',$return).'}';
		}  //  end : processGallery()

		function get_gallery_data($id=0){
			global $wpdb;
			$id = ($id==0) ? $this->cur_gallery_id : $id;
			$sql = "SELECT * FROM ".$this->vars['galleries']." WHERE gallery_id = ".$wpdb->escape($id);
			return $wpdb->get_row($sql);
		}// end : get_album_data


		/**
		 *	Get Gallery Information
		 */
		function get_gallery_info(){
			global $wpdb;
			$this->cur_gallery_info = $this->get_gallery_data();
		}// end : get_album_info
		
		/**
		 * @name get_image
		 * @example	get_imgs_group()
		 * @description Gets the images that are related to the album
		 */
		function get_imgs_group(){
			global $wpdb,$px_controller,$px_model;
			$this->cur_image_group = $wpdb->get_results("SELECT * FROM ".$px_model->vars['photos']." WHERE gallery_id=".$wpdb->escape($this->cur_gallery_id)." ORDER BY photo_order ASC");
		}// end : get_imgs_group
	
		/**
		 *	
		 */
		function get_js_func(){
			global $wpdb,$px_model,$px_view;
			
			$sql = "SELECT * FROM " . $px_model->vars['plugins'] .' where plugin_id ='.$px_model->cur_gallery_info->plugin_id;
			$tmp = $wpdb->get_row($sql);
			if( $tmp )
				$px_view->cur_js_func = $tmp->plugin_js;
			else
				$px_view->cur_js_func = $px_model->cur_gallery_info->plugin_id;
		}  // end : get_js_func
		

		
		function delete_gallery( $id ){
			global $wpdb;			
			$sql = "DELETE FROM ".$this->vars['galleries']." WHERE gallery_id = " . $wpdb->escape( $id ) . " LIMIT 1";
			@mysql_query( $sql ) or die("An unexpected error occured.".mysql_error());

			$sql = "DELETE FROM ".$this->vars['photos']." WHERE gallery_id = " . $wpdb->escape( $id );
			@mysql_query( $sql ) or die("An unexpected error occured.".mysql_error());
		}

		function update_photos(){
			global $wpdb;
			if(empty($_GET['value'])) return '{"error":"error_no_text"}';
			if(empty($_GET['pxiid'])) return '{"error":"error_no_id"}';
			
			$pxiid = (int) $_GET['pxiid'];
			$value = (string) $_GET['value'];
			
			$sql = "UPDATE " . $this->vars['photos'] . " SET photo_alt='".$wpdb->escape( $value ) ."' WHERE photo_id = " . $wpdb->escape( $pxiid );
			
			$r = @mysql_query($sql) or die("An unexpected error occured.".mysql_error());;
			
			if($r){
				echo '{"good":"no_errors"}';
			}
			else{
				echo '{"error":"error_update"}';
			}
			
		}
		

/*
==================================================
*/
		function get_set_album($get){
			global $wpdb;

			if( wp_verify_nonce($get['_once'],"photoxhibit_") != 1 ) return false;

			$id = (int) $get['album_id'];
			$album_name = (string) $get['album_name'];
			
			if( $id == 0 ){
				$sql = "INSERT INTO ".$this->vars['albums'] . "
						(album_name) VALUES ('". $wpdb->escape( $album_name )."')";
				$wpdb->query($sql);

				$id = mysql_insert_id();
			}
			else{
				$sql = "UPDATE ".$this->vars['albums'] . " SET album_name='". $wpdb->escape( $album_name )."' WHERE album_id=" . $id;
				$wpdb->query($sql);
			}
				
			echo '{"id":'.$id.',"album_name":"'.$get['album_name'].'"}';
		}
		
		function deleteAlbum(){
			global $wpdb;
			$aid = (int) $_GET['aid'];
			
			$options = get_option('photoxhibit');
			
			if( $options['options_dropall'] == 1 ){

				$this->get_upload_dir( $aid );
				$this->removeFolder( $this->cur_upload_dir );

				$results = $wpdb->get_results("SELECT albumPhotos_id FROM ".$this->vars['albumPhotos']." 
											WHERE album_id=".$wpdb->escape( $aid ));
											
				if(is_array($results) && is_a($results[0], 'stdClass')){
					foreach($results as $result => $v){
						$sql = "DELETE FROM ".$this->vars['photos']." 
								WHERE albumPhotos_id = " . $wpdb->escape( $v->albumPhotos_id ) . " 
								LIMIT 1";
						@mysql_query( $sql ) or die("An unexpected error occured.".mysql_error());
					}
				}
				
				$sql = "DELETE FROM ".$this->vars['albumPhotos']." 
						WHERE album_id = " . $wpdb->escape( $aid );
				@mysql_query( $sql ) or die("An unexpected error occured.".mysql_error());

			}
			else{
				$sql = "UPDATE ".$this->vars['albumPhotos'] ."
						SET album_id = 0 
						WHERE album_id = " . $aid;
				$wpdb->query($sql);			
			}

			$sql = "DELETE FROM ".$this->vars['albums']." WHERE album_id = " . $wpdb->escape( $aid ) . " LIMIT 1";
			@mysql_query( $sql ) or die("An unexpected error occured.".mysql_error());
		}
		
		function get_photos_from_album($id = NULL){
			global $wpdb;
			
/*echo '<pre>';
var_dump($wpdb);
echo '</pre>';*/
			if( $id == NULL ){
				$id = (int) $_GET['aid'];
			}
			$id = (int) $id;
			
			return $wpdb->get_results("SELECT * FROM ".$this->vars['albumPhotos']." as px, " . $wpdb->posts . " as p WHERE px.post_id = p.ID and  album_id=".$wpdb->escape($id));
		}
/*
==================================================
*/
		function upload(){
			$endMessage = '';
			$files = array();
			$aid = (int) $_POST['aid'];
			$_once = (string) $_POST['_once'];

			/*if( wp_verify_nonce($_once,"photoxhibit_") != 1 ){
				echo 'bad verifier : ';
				echo $_once;
				echo ' : ';
				echo wp_verify_nonce($_once,"photoxhibit_");
				return false;
			}*/
			
			if( $_GET['do'] == "upload" ){
				foreach ($_FILES['Filedata'] as $k => $l) {
					foreach ($l as $i => $v) {
						if (!array_key_exists($i, $files)){
							$files[$i] = array();
						}
						$files[$i][$k] = $v;
					}
				}
			}
			else{
				$files[0] =  $_FILES['Filedata'];
			}

			foreach( $files as $item ){
				if (!isset($item) || !is_uploaded_file($item["tmp_name"]) || $item["error"] != 0) {
					if( $_GET['do'] != "upload" ){
						header("HTTP/1.1 500 File Upload Error");
						if (isset($item)) {
							echo $item["error"];
						}		
						exit(0);
					}
				}
				else{
					$overrides = array('test_form'=>false);
					$file = wp_handle_upload($item, $overrides);
				
					if ( isset($file['error']) )
						return new WP_Error( 'upload_error', $file['error'] );

				
					$url = $file['url'];
					$type = $file['type'];
					$file = $file['file'];
					$title = preg_replace('/\.[^.]+$/', '', basename($file));
					$content = '';
				
					// use image exif/iptc data for title and caption defaults if possible
					if ( $image_meta = @wp_read_image_metadata($file) ) {
						if ( trim($image_meta['title']) )
							$title = $image_meta['title'];
						if ( trim($image_meta['caption']) )
							$content = $image_meta['caption'];
					}
				
					// Construct the attachment array
					$attachment = array(
						'post_mime_type' => $type,
						'guid' => $url,
						'post_parent' => $post_id,
						'post_title' => $title,
						'post_content' => $content,
					);

					// Save the data
					$id = wp_insert_attachment($attachment, $file, $post_parent);
					if ( !is_wp_error($id) ) {
						wp_update_attachment_metadata( $id, wp_generate_attachment_metadata( $id, $file ) );
					}
					
					$this->sync_photo_to_album($id, $aid);
					
					$src = wp_get_attachment_image_src($id);
					
					echo '{"albumPhotos_id":'.$id.', "albumPhotos_file":"'.$src[0].'"}';
				}
			}// end : foreach( $files as $file )
		}
		
		function sync_photo_to_album( $id=null, $aid=null){
			global $wpdb;
			$id = (int) $wpdb->escape($id);
			$aid = (int) $wpdb->escape($aid);
			$sql = "INSERT INTO ".$this->vars['albumPhotos']." 
					(album_id,post_id) VALUES (".$aid.",'".$id."')";
			$wpdb->query($sql);
		}
		
		function delete_image(){
			global $wpdb;
			
			$iid = (int) $wpdb->escape( $_GET['iid'] );
			$complete = (string) $_GET['complete'];
			$_once = (string) $_GET['_once'];

			if( wp_verify_nonce($_once,"photoxhibit_") != 1 ) return false;
						
			if( $complete == "true" ){
				$r = $wpdb->get_row( "SELECT post_id from ".$this->vars['albumPhotos']." WHERE albumPhotos_id = " . $iid . " LIMIT 1" );
				wp_delete_attachment( $r->post_id );
			}
			
			$sql = "DELETE FROM ".$this->vars['albumPhotos']." WHERE albumPhotos_id = " . $iid . " LIMIT 1";
			@mysql_query( $sql ) or die("An unexpected error occured.".mysql_error());
			echo '{done:true}';
		}
		
		function set_image_to_album($g){
			global $wpdb;
			$id = (int) $wpdb->escape($g['id']);
			$aid = (int) $wpdb->escape($g['aid']);
			$_once = (string) $wpdb->escape($g['_once']);
			
			if( wp_verify_nonce($_once,"photoxhibit_") != 1 ) return false;
			
			$this->sync_photo_to_album( $id, $aid);
			
			echo '{id:'.$wpdb->insert_id.'}';
		}
		
		/* @ album stuff @ */
		
		function get_albums(){
			global $wpdb;
			return $wpdb->get_results("SELECT * FROM ".$this->vars['albums']);
		}

	}//end : class px_model
}//end : if( !class_exists('px_model') )
?>